# Splunk Threat Hunting Ep.6 Credential Access

In this lab, the adversary gathers various forms of credentials from the victim.

<figure><img src="https://2022164620-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FtzurpgroDJSMn9AFVmQP%2Fuploads%2FUmqnMNVjgJzIze9LJ9V9%2F3.1.PNG?alt=media&#x26;token=0a481f9c-a9ea-44fd-ba92-fd9baa057893" alt=""><figcaption><p>Using Splunk to answer Question 3</p></figcaption></figure>

<div align="left"><figure><img src="https://2022164620-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FtzurpgroDJSMn9AFVmQP%2Fuploads%2FLQoEAXi14iLAKyvnvW7J%2F3.PNG?alt=media&#x26;token=2f18f78b-79b8-434d-8c8d-2da65e39fcb7" alt=""><figcaption><p>Question 3 and correct answer</p></figcaption></figure></div>

<div align="left"><figure><img src="https://2022164620-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FtzurpgroDJSMn9AFVmQP%2Fuploads%2FAs3g9mfEsZpDxbP6rXxo%2F4.1.PNG?alt=media&#x26;token=ee1e3223-9d90-47a9-9109-5c7a44a47188" alt=""><figcaption><p>Searching for Question 4</p></figcaption></figure></div>

<figure><img src="https://2022164620-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FtzurpgroDJSMn9AFVmQP%2Fuploads%2FrURRWEFNpEWG2NaCCVax%2F4.PNG?alt=media&#x26;token=5dfe37cb-f342-4be2-88ee-5c627df0fd2c" alt=""><figcaption><p>Question 4</p></figcaption></figure>

<figure><img src="https://2022164620-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FtzurpgroDJSMn9AFVmQP%2Fuploads%2FKEWxflHdf10jgnCPLyeZ%2F5.1.PNG?alt=media&#x26;token=3e75de88-4e3b-4bf4-9402-94cacb91f401" alt=""><figcaption><p>Searching for question 5</p></figcaption></figure>

<figure><img src="https://2022164620-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FtzurpgroDJSMn9AFVmQP%2Fuploads%2FZgAmCjoXomDdj5FFulWJ%2F5.PNG?alt=media&#x26;token=abb21394-6def-451c-b104-8985bd11e1f9" alt=""><figcaption><p>Question 5</p></figcaption></figure>